Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Andi Kleen <andi@...>, <casey@...>

Cc: <linux-security-module@...>, <linux-kernel@...>, <akpm@...>, <torvalds@...>

Subject: Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel

Date: Saturday, August 11, 2007 - 9:36 pm

--- Andi Kleen <andi@firstfloor.org> wrote:

quoted text> Casey Schaufler <casey@schaufler-ca.com> writes:
> 
> > Smack is the Simplified Mandatory Access Control Kernel.
> 
> I like the simplified part.
> 
> > +static int smk_get_access(smack_t sub, smack_t obj)
> > +{
> > +	struct smk_list_entry *sp = smack_list;
> > +
> > +	for (; sp != NULL; sp = sp->smk_next)
> > +		if (sp->smk_rule.smk_subject == sub &&
> > +		    sp->smk_rule.smk_object == obj)
> > +			return sp->smk_rule.smk_access;
> 
> Do I miss something, or is there really no locking for the reader side
> of the list? That looks dangerous. Of course a global lock for readers 
> would be likely a scaling disaster. You could use RCU.

Entries are never deleted, although they can be modified.

quoted text> Or if you assume rules are changed only very infrequently it might
> be more cache friendly to compile all the rules into a linear buffer
> and then just replace the whole buffer atomically with a RCU
> grace period on cahnges.

Individual entries can be modified without changing the whole
thing, but they shouldn't change often.

quoted text> It doesn't look like it would scale to larger numbers of rules though.
> Is that intended? Would caching of decisions fit into the design?

I put some thought into clever schemes for supporting large rule sets
well but decided to go ahead with the simplest possible mechanism
because I expect that in real deployments the number of rules will
be small. In fact, experiance says that virtually all access choices
will be covered either by the subject==object case or the subject can
read floor case. Cacheing, hashing, and 2D structures are all
possibilties that I would be happy to entertain as enhancements.

quoted text> Also in general code style would need some improvements;
> e.g. no externs in .c; no ../.. include hacks etc.
> You also seem weak on the Documentation front.

Yes, it is pretty sparse.

quoted text> Other than that it looks reasonably clean (haven't read all of it)

Thank you for your comments. I think the next version will be improved.

Casey Schaufler
casey@schaufler-ca.com
-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Sat Aug 11, 1:57 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel , Keith Owens, (Sat Aug 11, 11:45 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel , Casey Schaufler, (Sun Aug 12, 1:16 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Andi Kleen, (Sat Aug 11, 7:14 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Sat Aug 11, 9:36 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Andi Kleen, (Sun Aug 12, 7:49 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Sun Aug 12, 1:48 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Andi Kleen, (Sun Aug 12, 5:36 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Sun Aug 12, 5:46 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Jan Engelhardt, (Sat Aug 11, 4:26 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Sat Aug 11, 7:22 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Jan Engelhardt, (Sun Aug 12, 7:16 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Sun Aug 12, 3:50 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Kyle Moffett, (Sat Aug 11, 3:18 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Sat Aug 11, 5:01 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Kyle Moffett, (Sat Aug 11, 5:47 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Sat Aug 11, 9:21 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Kyle Moffett, (Sun Aug 12, 12:32 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Sun Aug 12, 3:41 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Kyle Moffett, (Sun Aug 12, 9:38 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Mon Aug 13, 12:23 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Pavel Machek, (Thu Aug 16, 4:58 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Fri Aug 17, 12:56 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Kyle Moffett, (Sat Aug 18, 1:29 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Mon Aug 20, 10:29 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Pavel Machek, (Tue Aug 21, 3:37 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Tue Aug 21, 11:35 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Pavel Machek, (Wed Aug 22, 4:05 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Wed Aug 22, 2:47 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Jan Engelhardt, (Thu Aug 23, 3:14 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, , (Sun Aug 19, 5:12 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Kyle Moffett, (Tue Aug 21, 9:16 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Tue Aug 21, 11:50 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Kyle Moffett, (Tue Aug 21, 11:43 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Fri Sep 7, 12:02 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Wed Aug 22, 12:08 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Miguel Ojeda, (Fri Aug 17, 5:46 am)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Joshua Brindle, (Sun Aug 12, 10:36 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Kyle Moffett, (Sun Aug 12, 10:45 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Crispin Cowan, (Sun Aug 12, 7:18 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Arjan van de Ven, (Sat Aug 11, 3:12 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel, Casey Schaufler, (Sat Aug 11, 3:56 pm)

Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel , Keith Owens, (Sat Aug 11, 11:39 pm)


linux-kernel:
Bart Van Assche	Integration of SCST in the mainstream Linux kernel
Tarkan Erimer	Re: Slow DOWN, please!!!
Greg Kroah-Hartman	[PATCH 004/196] Chinese: add translation of SubmittingPatches
Dave Hansen	Re: [RFC/PATCH] Documentation of kernel messages
git:
Sander	'struct task_struct' has no member named 'mems_allowed' (was: Re: 2.6.20-rc4-mm1)
linux-netdev:
Evgeniy Polyakov	Re: [PATCH 3/3] Convert the UDP hash lock to RCU
Frans Pop	svc: failed to register lockdv1 RPC service (errno 97).
Stephen Hemminger	Re: HTB accuracy for high speed
Gerrit Renker	[PATCH 15/37] dccp: Set per-connection CCIDs via socket options
openbsd-misc: